Network access model and methods

ABSTRACT

A terminal adapter, along with a value added network, is disclosed that interworks a plurality of terminals with a processing host to accomplish transaction processing. The terminals can use different protocols and typically incorporate card readers for completing financial or other types of transactions typically involving credit, debit, ATM or similar cards. The terminal adapter provides reliable and secure communication using a network based in part on the Internet as a primary form of communication. The terminal adapter also provides a secondary communication path in the event of a failure of the primary communication path, as well as automatic recognition of different terminal protocols, various security functions, error detection, and other network administration functions to ensure a flexible system and efficient transaction processing system.

RELATED APPLICATIONS

This application is a continuation of application Ser. No. 10/461,175filed on Jun. 12, 2003.

FIELD OF THE INVENTION

This invention generally relates to terminal adapters for terminalsoriginating financial transactions, including credit/debit card readers,automatic teller machines, and point of sale terminals. Specifically,terminals using various access protocols interact with a transactionoriented value added network using a versatile terminal adapterfacilitating interaction of the terminal with a host processor, whereinthe host is also connected to the network. In one embodiment, theterminal adapter uses a wide area network, such as the Internet, as aprimary means of accessing the value added network, and uses dial-uptelephone service as a secondary means of accessing the value addednetwork in the event of failure of the primary communication means. Anetwork operations center manages the transaction oriented value addednetwork for optimal performance.

BACKGROUND OF THE INVENTION

Electronic real-time transaction processing is common in manyindustries, including retail sales, inventory control, and healthcare.Businesses utilize devices such as card readers, including those readingmagnetically encoded cards, to increase productivity and accuracy ofvarious types of transactions. A common application is the use of creditcards for purchasing goods and services in retail sales. Many retailershave deployed automated card readers to facilitate credit and debit cardauthorization processing by store personnel. Not only do automated cardreaders provide greater accuracy than manually keying information attime of purchase, they offer greater speed, convenience, and accuracy.Today, it is common for each point-of-sale (POS) terminal to have anintegrated card reader or have the terminal connected to a nearby cardreader.

Typically, a card reader communicates with a host financial transactionprocessor using a dedicated phone line. The card reader incorporates astandard modem implemented by a single, low-cost integrated circuitbased on modem standards such as V.22, V.22 bis, or V.34. The cardreader dials a programmed telephone number (usually local or toll-free)and establishes a telephone connection via a network with the hostprocessor. The card reader transmits the transaction informationincluding the card number, a transaction number, and purchase amount toa host. The host processor accepts or declines the transaction andresponds by returning an authorization number. This type of transactiontypically occurs quickly as it is desirable to minimize delay andincrease customer satisfaction.

Many businesses have a single point-of-sale terminal, and thus require aphone line for handling card authorizations. This is usually in additionto a voice telephone line, used by the business, since the phone line isusually dedicated for the card reader. If the telephone line is sharedwith a telephone for voice communication, then operation becomesinconvenient, often resulting in delaying card authorizations or voicecalls. For businesses having multiple POS terminals, a plurality oftelephone lines are dedicated to the card readers, often on a sharedbasis. While sharing telephone lines among card readers allows some costsavings, this still may result in delays for a given card reader,depending on the current card authorization volume and the number oftelephone lines. For a growing business with an increasing volume ofcard transactions or increase in the number of card readers, constantlymonitoring and determining when to add new phone lines is difficult anddistracting to the core business functions of the retailer. However, useof dedicated phone lines typically does provide a high degree ofreliability and security.

Many businesses now have Internet access to supplement various businessfunctions. Internet access is often provided to various workers atpersonal computers using an internal local area network (LAN) providinggateway access to an Internet Service Provider (ISP). The physicalcommunication facility between the LAN and the ISP may be of varioustypes, including digital private line, optical fiber, ISDN, DSL, cablemodem, wireless, satellite, etc. Typically, digital access arrangementsprovide higher data communication speeds compared to dial-upconnections. Using a LAN to access the Internet allows multiple users toaccess the Internet at the same time. While simultaneous usage may slowdown response times, one user does not ‘block’ access by another, as isthe case when a single telephone line is shared by multiple users ordevices. Further, the cost of accessing the Internet does notnecessarily require additional fees for each simultaneous user accessingthe Internet. In contrast, simultaneous access via telephone linesrequires a plurality of telephone lines, each of which has a discreteincremental cost.

If retailers could configure their card readers to utilize the Internetfor accessing the host processor, the telephone lines dedicated for thecard readers would not be required, thus reducing costs for theretailers. However, the use of separate telephone lines does provide theadvantage of a reliable and redundant communication architecture.Replacing all the telephone lines with a single Internet accessarrangement provides a single point of communication failure renderingall the card readers in the retailer's location non-functional ifInternet access is unavailable. The potential for lost profits, even fora relatively short outage, can more than justify the higher cost ofusing separate telephone lines. Consequently, it would be desirable tohave the advantages of Internet access while retaining the reliabilityand security of a dial-up connection.

U.S. Pat. No. 5,526,409 discloses the use of a second telephone linethat can be used as a secondary means of communication in the event theprimary telephone line or modem is inoperable. However, using a singletelephone line as the primary communication facility limits the datacommunication speed for transmitting data and limits the destination toa single host. Nor does the patent disclose automatically switching tothe second telephone line or automatically switching back to the primarytelephone line.

U.S. Pat. No. 5,778,173 discloses using the Internet by a personalcomputer to facilitate a financial transaction, such as a purchase.However, the complete transaction is not carried out using the Internet;a portion of the transaction conveying sensitive information is sentusing a modem on a dial-up telephone connection. This arrangement stillrequires a dedicated phone line for each terminal and increases cost.

Therefore, what is needed is a system for using existing card readerterminals for accessing a host financial processor using an inexpensive,reliable, and secure transaction processing network while providingbackup communication to ensure reliable and secure transactionprocessing.

BRIEF SUMMARY OF THE INVENTION

Generally described, the present invention interworks a terminal,typically incorporating a magnetic card reader, with a host processor byusing a terminal adapter operating in conjunction with a network. Theterminal adapter and network provide various value added services,including synchronization, error detection, security, backupcommunication, and authentication to achieve fast, reliable, low cost,and efficient transaction processing. Various embodiments of adaptingexisting terminals or personal computer based terminals are disclosed.

According to one aspect of the invention, a terminal adapter operatingin conjunction with a network is provided for interworking a terminal toa host where the terminal adapter incorporates a processor to receive afirst transaction request message from the terminal and interwork themessage to the network using a second transaction request message. Thenetwork conveys the transaction to the host and interworks the messageto a protocol used by the host. The response from the host is similarlyconveyed back to the terminal. The terminal adapter in coordination withthe network provides services including: synchronization,authentication, error detection, encryption, backup communicationcapability, automatic recognition of various terminal protocols and hostaddresses, automatic determination of network addresses to obtainconfiguration parameters, and the ability to automatically download newsoftware.

According to another aspect of the invention, various embodiments of theterminal adapter/terminal are disclosed, including a software version inwhich functions associated with the terminal adapter are accomplished byloading software into a computer, such as a personal computer basedterminal having existing communication capability with a network.

According to one aspect of the invention, a network node is provided forinterworking a terminal adapter to a host. The network node incorporatesa processor to receive a transaction request message from the terminaladapter and ensure the request is synchronized, encrypted, and errorfree and to relay the message to another network node and to a hostprocessor. The response from the host is similarly conveyed back to theterminal. The network node in coordination with the terminal adapterprovides services including: synchronization, authentication, errordetection, encryption, and downloading of addresses, parameters andsoftware to the terminal adapter.

According to another aspect of the invention, a method is disclosed forinterworking transaction messages by a terminal adapter wherein themessages originated from a terminal are interworked with a network forprocessing by a host. The method includes: receiving a first messagefrom the terminal, determining the protocol and host destination, andmapping the first message to a second message to a network interface.The method includes ensuring synchronization between the terminaladapter and network, encrypting and decrypting messages, switching overto a backup communication path as required, authenticating the terminaladapter to the network, discovering service address information and newconfiguration parameters, and downloading software as required.

According to another aspect of the invention, a network operation centeris disclosed for maintaining information associated with each terminal,including primary and secondary communication path status, operationalstatus, software version indicators, parameter file version indicators,and various service related address information. The network operationscenter may further initiate communication to a defined location, in adefined manner, based on a defined status condition.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

Having thus described the invention in general terms, reference will nowbe made to the accompanying drawings, which are not necessarily drawn toscale, and wherein:

FIG. 1 illustrates one embodiment of the system in which the versatileTerminal Adapter operates according to the principles of one embodimentof the present invention.

FIG. 2 further elaborates on one embodiment of the invention involvingthe Value Added Network according to the principles of one embodiment ofthe present invention.

FIG. 3 illustrates the pre-transaction transfer procedures for theTerminal Adapter according to the principles of one embodiment of thepresent invention.

FIG. 4 illustrates a Simple Transaction message exchange according tothe principles of one embodiment of the present invention.

FIG. 5 illustrates a Session Transaction message exchange according tothe principles of one embodiment of the present invention.

FIG. 6 illustrates the protocol architecture for one embodiment of theTerminal Adapter using the primary communication path according to theprinciples of one embodiment of the present invention.

FIG. 7 illustrates various hardware components associated with oneembodiment of the Terminal Adapter according to the principles of oneembodiment of the present invention.

FIG. 8 illustrates various software components associated with oneembodiment of the Terminal Adapter according to the principles of thepresent invention.

FIGS. 9A-9B illustrate various software related embodiments of thefunctions according to the principles of one embodiment of the presentinvention.

FIG. 10 illustrates a flowchart for switching from the primary tosecondary communication path (and vice versa) according to theprinciples of one embodiment of the present invention.

FIG. 11 illustrates the protocol stacks for one embodiment of theTerminal Adapter using the secondary communication path according to theprinciples of one embodiment of the present invention.

FIGS. 12A-12C illustrate embodiments of the Terminal Adapterautomatically selecting a terminal protocol according to the principlesof one embodiment of the present invention.

FIGS. 13A and 13B illustrate the procedures and parameters provided tothe Terminal Adapter to accomplish software download and configurationmanagement according to the principles of one embodiment of the presentinvention.

FIG. 14 illustrates various operational aspects of the Terminal Adapteraccording to the principles of one embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

The present inventions now will be described more fully hereinafter withreference to the accompanying drawings, in which some, but not allembodiments of the invention are shown. Indeed, these inventions may beembodied in many different forms and should not be construed as limitedto the embodiments set forth herein; rather, these embodiments areprovided so that this disclosure will satisfy applicable legalrequirements. Like numbers refer to like elements throughout.

The present invention is directed in part to a versatile transactionterminal adapter (“Terminal Adapter”) interworking various types ofterminals with a value added network (“Network”) for the purpose ofaccomplishing transactions, including financial transactions, which willbe principally used to illustrate the principles of the presentinvention. The Terminal Adapter is designed to utilize the services ofthe Network, which in turn utilizes a communication infrastructure, suchas the Internet, to provide the goals of reliable, secure and efficientcommunications in a low cost manner. Alternatively, the Network couldutilize other communication infrastructures, such as virtual privatenetworks, ATM networks, WANs, or similar technologies to accomplishthese goals. Further, although the principles of the present inventionare illustrated using certain types of embodiments, communicationinfrastructures, and categories of transaction types, it will be readilyappreciated that other communication networks or devices couldincorporate the principles of the present invention for a variety oftransaction types.

System Overview

A system perspective of one embodiment of the invention is shown inFIG. 1. In FIG. 1, the terminals of system 1 are typically located onthe premises of a business, such as a retail store, bank, merchant, etc.although it is not restricted to commercial sales applications. A commonexample is a card reader 2 located in a retail store, which can be acredit card reader, debit card reader, or any other type of magneticcard reader, optical card reader, or ‘smart’ card reader. In FIG. 1, thecard reader 2 is illustrated as directly connected to the TerminalAdapter. The connection between the card reader and the Terminal Adaptercan use a variety of connection means, and frequently incorporates anRJ-11 telephone-type jack based on a Plain Old Telephone (POTS)interface. Specifically, the card reader expects to interface with thePublic Switched Telephone Network (PSTN), which the Terminal Adapteremulates.

FIG. 1 also illustrates a plurality of card readers 4, which can be ofthe same type as the previous card reader 2, but which are connected toa multi-card reader controller 6. The controller 6 aggregates aplurality of card readers and multiplexes their transactions onto asingle communication facility. In this illustration, the controller 6 isconnected to the Terminal Adapter 14. The interface presented by theTerminal Adapter 14 to the card reader 2 could be the same interfacepresented by the Terminal Adapter 14 to the multi-card-reader controller6. These are but two of many arrangements that may be used to connect aterminal to the Terminal Adapter. For example, one embodiment of theTerminal Adapter connects several identical card readers 2, one terminalto each interface of the Terminal Adapter 14.

The terminal is not restricted to being a card reader, but may be a moresophisticated device, such as an Automatic Teller Machine (ATM) 8. Thistype of terminal performs financial transactions, although the nature ofthe transaction may be more complicated or varied than that of a creditcard authorization associated with the previously identified cardreaders 2, 4. The ATM 8 is illustrated as directly connected to theTerminal Adapter 14 and the ATM and Terminal adapter can be co-locatedtogether or remotely located from each other. Again, variouscommunication arrangements may be used to effect the communicationbetween the ATM terminal and Terminal Adapter 14 including the use ofmulti-terminal controllers 6 previously disclosed.

Finally, FIG. 1 also illustrates a personal computer (PC) basedPoint-of-Sale (POS) terminal 10 having an integrated card reader 11accessing the Terminal Adapter 14 via a modem 12. The POS terminal istypically a personal computer adapted for POS applications usingstandard operating software, such as the Microsoft Windows™ operatingsystem and controls the modem using one of several command languages,such as the Hayes™ compatible modem command or XON/XOFF commands. Thoseskilled in the art will recognize that alternative configurations arepossible. For example, the POS terminal 10 could interface with theTerminal Adapter 14 using a USB cable connected to USB ports, a serialRS-232, or RS-422 interface. Alternatively, the modem functions, orsubset thereof, may exist in the POS terminal or in the Terminal Adapteras a virtual device driver. If the modem functionality is integratedinto the Terminal Adapter, it could be a ‘software’ modem or virtualmodem. Specifically, driver software emulating a modem's commandinterface in the Terminal Adapter allows the POS terminal to interactwith the Terminal Adapter as if there were an actual hardware modemconnected to the POS' serial interface. The POS terminal issues standardmodem commands via the serial interface that are, in turn, processed bythe Terminal Adapter emulation software. Further, the functionality ofthe Terminal Adapter can be integrated into the personal computer or thePOS terminal by defining a ‘softmodem’ or virtual modem. Alternatively,the softmodem could be implemented in a client-server system comprisingterminals and a server.

Other variations are possible, including the Terminal Adapter providinginterfaces incorporating a poll select asynchronous packet basedprotocol, such as the X3.28-1976 ISO protocol, X.25, frame relay, orbisync protocol to interface with other types of terminals. Further, theinvention is not limited to card reading or POS terminals, but includesterminals conducting transactions based on other inputs, including badgereaders, OCR scanners, RF identifier tag readers, sensors, specialpurpose personal computers, computers processing manual keyboard input,or any other type of transaction-oriented processing device.Additionally, the card reader need not be synonymous with the terminalor incorporated in the terminal, and instead, the terminal can beconsidered to have, or comprise, a card reader so long as the terminal,such as the POS embodiment, is in communication with a card reader orsimilar functioning input device. Although a preferred embodiment of thepresent invention is directed to financial transactions, the principlesof the present invention could apply to transactions of a non-financialnature, such as telemetry, alarm, maintenance, health care, pharmacy, orother applications typically involving card readers for ‘card swipe’transaction processing.

The Terminal Adapter 14 can be considered as having a ‘front end’comprising the terminal interfaces 2, 4, 8, 10. The front end of theTerminal Adapter can be configured in a variety of ways, includinginterfacing a single terminal or a plurality of terminals. If aplurality of devices are interfaced, then the interfaces may beidentical (e.g., all POTS based), all different (e.g., a POTS and RS-232serial interface), or a hybrid combination (e.g., two POTS interfacesand two RS-232 interfaces). In one embodiment, four POTS type interfacesare provided and in another embodiment, two POTS type interfaces and twoasynchronous RS232 interfaces are provided. Obviously, othercombinations of interfaces on the front end are possible and aredictated primarily by commercial business motivations, capacity, andcost concerns.

The Terminal Adapter 14 can also be considered as having a ‘back end’comprising network interfaces interconnecting with network communicationfacilities. In FIG. 1, the Terminal Adapter 14 has two networkinterfaces on the back end. One interface 16 is an Ethernet interface;typically connecting to a LAN 18 and designated the primary interface.This interface could be a 10BaseT type of Ethernet access, althoughthose skilled in the art will readily recognize other types of LAN/MANaccess standards could be used such as FDDI, token ring, token bus,802.11x, etc. The LAN 18 facilitates interconnection 26 with theInternet 20, since the Terminal Adapter may not always be in closeproximity to the interface to the Internet interface. For example, astore operating multiple sales stations may have a Terminal Adapterlocated in the store connected via the primary interface 16 to thecorporate LAN 18 that in turn then provides access to the Internet 20.The LAN also isolates the Terminal Adapter from the various Internetaccess arrangements. For example, the Terminal Adapter 14 is isolatedfrom changes or upgrades in the physical connection 26 to the Internet,whether it be DSL, wireless, T1, etc.

The LAN 18 in turn interfaces to the Internet 20 using one of thevariety of communication facilities 26, including: DSL, T1, T3, dial-up,ISDN, optical fiber, cable modems, WiFi, satellite, etc. The TerminalAdapter accesses the Internet interface on the back end using either thePPPoE (Point-to-Point Protocol over Ethernet) protocol or the DHCPprotocol when using Ethernet access. PPPoE and DHCP are well knownapproaches to achieve TCP/IP access to the Internet over Ethernet andare well known in the art of data communications. The primary interface16 is preferably a high-speed interface, at least fast enough toaccommodate the transaction volume of the plurality of terminals.

The Terminal Adapter 14 may also have a secondary interface 22 on theback end illustrated by a connection to the Public Switched TelephoneNetwork (PSTN). The second interface provides back up communicationcapability in the event the primary communication path is inoperable andtypically operates at a slower speed than the primary interface. Thissecondary interface typically uses a telephone line and the TerminalAdapter typically incorporates an integrated modem and PPP accessprotocol. The PPP is well known in the area of data communications forobtaining TCP/IP access to the Internet over dial-up. The PSTN is notedfor its reliability and ubiquitous availability, although dial-up accessspeed is limited. However, it is usually the case that a businesslocation will have a telephone line for dial-up access for voice thatcan intermittently be used for dial-up access to an ISP, whereasalternative access methods (such as DSL) are not nearly as common.However, the Terminal Adapter 14 could incorporate such alternativeaccess arrangements for the secondary interface, including: DSL, ISDN,frame relay, X.25, or some other communication protocol for thesecondary interface. The secondary interface could even be the same typeas the primary interface. Typically, the secondary interface is based onmodems providing speeds of 28.8 Kbps or 56 Kbps (e.g., V.34 or V.90),although other rates could be used.

The Terminal Adapter of this embodiment relies on connectivity to thePSTN for secondary access in the situation where the primarycommunication path is not functional in two ways. First, a preferredembodiment uses a facility 30 to access the Internet 20 to provide analternative route to the Network 33 so that the same set of services areprovided. A second embodiment incorporates a facility 32 directlyconnecting the Transaction Processor 36. In this embodiment, theTransaction Processor 36 could implement the processes for providing thesame value added services as provided by the aforementionedinfrastructure 28, or alternatively, the Financial Transaction Processormay not provide the additional services and allow the secondarycommunication path to have a reduced level of functionality, while stillproviding connectivity. This may be an acceptable business alternative,since transaction applications using a point-to-point POTS connectionbetween the Terminal Adapter and Transaction Processor may find itacceptable to operate without all the value added services on an interimbasis.

The Internet 20 provides a communication infrastructure for transportinginformation and provides a set of well-known services using the TCP/IPprotocol stack. However, the needs of the terminals to perform financialtransactions (or, other applications as previously noted) may not fullybe served by the data communication services provided by the Internet.For this reason, various service extensions are required. These ValueAdded Services 28 are provided by various Nodes connected to theInternet operating an additional protocol on top of the TCP/IP stack.Together, the Internet and the Nodes provide enhanced services andcomprise the Network 33. Although the Internet may be associated withone embodiment, the Value Added Service Network could be comprised ofvarious Nodes operating on top of other networks such as WANs, LANs, orvirtual private networks based on a variety of technologies. The valueadded services provided by the Network provide additional security,reliability, and flexibility to facilitate other functions that will bedescribed in further detail. This architecture is based on the conceptof protocol layers and is well known in the art of data communications.

FIG. 2 further expands on one possible embodiment of the Internet 20 andValue Added Services 28 that comprise the Value Added Network 33. As iswell known, the “Internet” is not a single network, but a collection ofnetworks operating in a cohesive manner. This is illustrated in FIG. 2by depicting the Internet 20 as two interconnected Internet ServiceProviders 27. In practice, there are literally thousands of suchnetworks comprising the “Internet.” The services provided by theInternet use the TCP/IP protocol and are well known, but may not besufficient in terms of reliability and security for transactionprocessing. Consequently, Nodes 25 are defined providing theseadditional functions in the Network.

The Nodes 25 are connected to the Internet and may be directlyinterconnected as well (not shown). While three Nodes are illustrated,in practice there may be many more, deployed in diverse geographicareas, replicated for redundancy, and interconnected for reliability.Further, some Nodes 25 may be collocated or integrated with otherequipment, such as the Transaction Host Processors 36 or Internetrouters, LANS, gateways, bridges or PBX's.

There are three types of Nodes that typically implement the value addedservices and these are the Client Node 25 a, the Core Node 25 b, and theService Node 25 c. The Client Node 25 a interfaces with the TerminalAdapter, typically using the transport capabilities of the Internet.Although not illustrated, it is possible that the Terminal Adapter coulddirectly connect to the Client Node 25 a using any number ofcommunication facilities. This would represent an embodiment where theClient Node and Internet router functionality are integrated. The ClientNode 25 a recognizes the Terminal Adapter 14 and performssynchronization, security, authentication, and error detection functionsin addition to relaying and/or interworking information to the Core Node25 b. The Core Node is not always required, but if present, it relaysinformation across the same or different ISP providers 27. The Core Node25 b may relay information to other Core Nodes or to a Service Node 25 cas illustrated in FIG. 2. When the Core Node routes to another CoreNode, it can route the transactions to the least busy Core Node, orreroute to an alternative Node in case of a Node failure. The ServiceNode 25 c interfaces with the Transaction Host Processor (“Host”) 36using any number of point-to-point facilities 34. The Service Nodeconverts the protocols used when receiving transaction from another Nodeto the protocol used in communicating with the Host 36. In general, manyof the services and features the Terminal Adapter provides with respectto a terminal can be provided by a Service Node to a Host Processor.Thus, for example, a Host Processor could initiate a transaction toanother Host. Typically, the connection 34 from the Service Node to theHost is a high-speed digital facility capable of multiplexingsignificant numbers of transactions.

Since reliability is a major concern in financial and other types oftransactions, the Nodes 25 are typically replicated in diverselocations. For example, the Service Node is duplicated (not shown inFIG. 2) in a diverse geographical location and also connected to theHost processor so that the Host can continue to communicate to analternative Service Node if one Service Node or communication pathfails. The Service Nodes may be load balanced (e.g., each typicallyproviding 50% of the total transaction traffic to the Host) orconfigured with one Node as a hot standby (providing 100% of thetransaction capacity, but switchable to the other Node when required).Similarly, each Service Node is typically connected to a plurality ofCore Nodes. Those skilled in the art of network architecture willrecognize the various arrangements that can be used for providingreliable access between the Host and the Terminal Adapter. Further, theHost may be replicated in a geographic diverse location for redundancyand reliability reasons.

FIG. 2 also illustrates a Network Operations Center (NOC) 29 connectedto the various Nodes 25. The NOC 29 administers and manages theoperation of the Nodes and Terminal Adapters with respect to theNetwork. With respect to the Nodes, the NOC receives measurements, alarminformation, traffic statistics, load levels, and similar informationand acts accordingly. For example, if a Node is not functioningcorrectly, adjacent Nodes will reroute around the non-functioning Node.The NOC becomes aware of the status of the non-functioning Node and canmonitor the status of the Node while the problem is investigated andcorrected. With respect to Terminal Adapters, the NOC is also aware oftheir operation and maintains a profile for each Terminal Adapter 14 andits corresponding Client Node 25 a. This allows the NOC to know thecurrent network conditions and operating status of each element,including both Nodes and Terminal Adapters.

The NOC can further communicate indirectly to the Terminal Adapter bysending management messages relayed by the appropriate Node bypiggybacking messages with the parameter file fetch response. The NOC(via the Network) can send a command to reset the Terminal Adapter,direct the Terminal Adapter to switch from its primary communicationpath to its secondary communication path, or switch to a differentClient Node.

Normal Operation

The normal operation of the Terminal Adapter is typically divided intotwo phases: pre-transaction processing and transaction processingtransfer. Several functions must be accomplished in the pre-transactionprocessing phase in order to communicate transactions in the datatransfer phase. In this context, ‘pre-transaction processing’ refers toactions occurring prior to the processing of terminal originatedtransactions. As will be discovered, the Terminal Adapter uses thetransaction protocol procedures to bootstrap itself in order tosubsequently process transactions from the terminal. Thus, transactionmessaging is used between the Terminal Adapter and the Network in the‘pre transaction processing’ phase.

Because various aspects of the pre-transaction processing andtransaction processing phase generally rely on data that is hardcodedinto the Terminal Adapter, this data is briefly discussed. In otherembodiments, such as the softmodem incorporated into a PC, the PCmanufacturer obviously does not hardcode these values into the PC'sfirmware. In these embodiments, these values are programmed into thedevice manually or loaded by reading a file.

Embedded Data

One type of data manufactured in the firmware of each Terminal Adapterof one embodiment is a Terminal Adapter Identifier value that uniquelyidentifies the device. This value may in the format of: <manufacturerid><model number><serial number><suffix>. This structure forms a 24 byteidentifier, although other structures and values may be used to achievea unique identifier programmed into the Terminal Adapter. For example,the MAC address (associated with the Ethernet network interface) couldbe concatenated with the serial number and used as an identifier. TheTerminal Adapter Identifier is typically sent in all messages toidentify the particular Terminal Adapter to the Network and allows inpart, the Network and NOC to maintain status and service profileinformation for each Terminal Adapter.

Another instance of data programmed into the Terminal Adapter of oneembodiment is a secret key used in encryption and authentication. Thesecret key value is not communicated over the interface, but used bothby the Terminal Adapter and the Network to encrypt information that iscommunicated over the interface. As is well known, the use of encryptionalso facilitates authentication of a particular Terminal Adapter.Authentication can be accomplished by the Terminal Adapter and Networkencrypting a common data value, exchanging and then comparing theresult. Only if the Terminal Adapter has the correct secret key will itsencrypted value match the Network's value. As for using the secret keyfor encrypting transactions, encryption is accomplished using a keyderived from the secret key, the session token and the transactioncounter. In this manner, if an unauthorized user cracks a message, thesecret key is not revealed, and hence other messages are notcompromised.

The Terminal Adapter of one embodiment also stores a defaultConfiguration Service Name that describes the parameter file versioncurrently held in non-volatile memory. In this embodiment a value isprogrammed into the Terminal Adapter describing the parameter fileversion initially present at power up, but then a dynamically determinedvalue is obtained from the Network and supercedes the default value.

Another instance of data programmed into the Terminal Adapter of oneembodiment is a default Service Name. The Service Name is a default URLof a server providing ‘bootstrap’ address information, typically in theform of a set of Client Nodes IP addresses that the Terminal Adapteruses to interact with for transactions and management functions (e.g.,parameter downloading). Usually, a Terminal Adapter uses a singleaddress for these functions, but for various reasons includingreliability, alternative values are provided.

These values are programmed into the Terminal Adapter as default values.In many cases, the default values are typically augmented withdynamically determined values provided by the Network as part of thebootstrap process. The dynamically obtained values do not erase thedefault values (recall that the default values are hardcoded into theTerminal Adapter), but the Terminal Adapter stores both and knows by thepresence of the dynamic values that the default values have beensuperceded.

Pre-Transaction Processing Phase

Upon power up, the Terminal Adapter generally executes several relatedprocedures. In one embodiment, these are: Service Discovery,Synchronization and Authentication, Parameter Downloading, and SoftwareDownloading. All are executed upon initially powering up the TerminalAdapter, but thereafter, the procedures may be invoked separately. Uponinitial powering up, the Terminal Adapter of this embodiment firstinvokes a Service Discovery process to obtain a list of IP addressesthat correspond to Client Nodes. This is accomplished by sending aService Discovery request using the service name address that ispermanently encoded into the Terminal Adapter.

The Terminal Adapter of this embodiment then synchronizes andauthenticates itself to the Network. These procedures occur together, sothat authentication follows whenever synchronization occurs. Thus,‘synchronization’ implies synchronization and authorization wherevercontext dictates such. Synchronization is generally required prior tosending transaction requests, and occurs frequently after the TerminalAdapter has initially powered up. For example, if the Terminal Adapterhas been idle for a long period, re-synchronization may be required.Synchronization is discussed in detail in conjunction with the normaltransaction transfer, so that this explanation can focus on the initialpower up functions.

After synchronization, the Terminal Adapter of this embodiment selectsone of the IP addresses obtained using service discovery and uses it toinitiate a parameter download using a transaction request. As discussedsubsequently, this is of the form known as a ‘simple’ transactionrequest. The parameter file contains various configuration and addressinformation to facilitate operation of the Terminal Adapter. Theparameters may indicate, in part: where transactions should be sent to,primary and secondary communication path information, and where toobtain new software applications for software downloads. The TerminalAdapter typically downloads a parameter file by indicating its currentparameter file version to the Network. This is an implicit request tothe Network to indicate whether a more current version exists. Uponinitial powering up, this value indicated by the Terminal Adapter istypically the default Configuration Service Name encoded into theTerminal Adapter. When the Network receives the default ConfigurationService Name, it knows to route the request to a specified processserver and a configuration version number of zero indicates that theTerminal Adapter is requesting an initial parameter download. TheNetwork responds by sending the current name of the parameter fileversion along with the parameter data.

Next, the Terminal Adapter of this embodiment examines certainparameters in the parameter file to determine whether a softwaredownload should occur. Software download refers to downloading newapplication code (binary image file) for execution. The Terminal Adapterexamines the binary image name of the most recent executable file asindicated by the Network in the parameter file and compares it with thecurrent value stored in memory. If the Terminal Adapter finds adifferent executable file indicated compared to what is stored indefault memory (which is likely the case upon initial powering up), theTerminal Adapter fetches the new executable file. The location to fetchthe executed file from is typically indicated by an address in theparameter file. After the Terminal Adapter loads and executes thecurrent application, it is ready to process transactions from aterminal. Thus, the transaction processing phase is ready to start.

Transaction Processing Phase

Prior to sending a transaction, the Terminal Adapter is typicallysynchronized and authenticated to the Network. This generally occursduring initial power up, but may be required again. Resynchronizationoccurs frequently and is considered normal operating procedure.Synchronization facilitates orderly transaction processing between theNetwork (specifically, the Client Node) and the Terminal Adapter, aswell as enhancing the security of the transaction by exchanging a newsession token. Resynchronization may be required if errors occur whenthe Terminal Adapter switches from the primary to secondarycommunication path, or when the Terminal Adapter switches from oneClient Node to another. Authentication is required to ensure the Networkis communicating with a trusted entity and to pass encryption parameters(e.g., a session token, as discussed subsequently) to the TerminalAdapter.

In the embodiment of FIG. 3, the Terminal Adapter 301 first opens a TCPconnection with the Network 303 in step 300. The Terminal Adapter sendsa synchronization request at step 302 and includes a transaction counter(TC) in the header of the message. Thereafter in subsequenttransactions, the Network will expect the transaction counter to beincremented over the current value each time a transaction is sent. Ifthe Network receives an unexpected value, an error code is returned tothe Terminal Adapter and the Terminal Adapter is required tore-synchronize its transaction counter. Re-synchronization is requiredunder various conditions, including: the Terminal Adapter being idle fora long period, switching from primary to secondary communication paths,or being unable to complete a transaction.

The Network records the TC value and computes a Message Digest. Amessage digest is a condensed text string that has been distilled fromthe contents of a text message where its value is derived using aone-way hash function and is used to create a digital signature. TheNetwork may use a particular form known as a Message Digest 5 (MD5)based on a Random Value (RV) and the Transaction Counter (TC). This isreturned in a Synchronization Response at step 304 that signifiessynchronization has occurred and that the Terminal Adapter shouldauthenticate itself.

The Terminal Adapter responds by formulating a Message Digest type 5(MD5) based on a secret key (PUC) and the transaction counter (TC) instep 306 and sending it to the Network. The Network compares this valuewith its previously computed value, and assuming a match, returns aresponse in step 308 indicating authentication has successfully occurredand includes a session token (ST). The session token is encrypted usingthe Message Digest and is used by the Terminal Adapter to derive the keyused for subsequent encryption/decryption in the data transfer phase.Finally, when completed, the Terminal Adapter may close the TCPconnection in step 310. Alternatively, the Terminal Adapter may leavethe TCP connection open and avoid the additional steps of opening a TCPconnection prior to entering a subsequent data transfer phase.

There are alternative security and authentication means that could beused to authenticate and encrypt information, including other public andprivate key schemes such as RSA, PGP (Pretty Good Privacy), etc. Thoseskilled in the art will recognize that a variety of message types,formats, and encryption techniques could be used to accomplish thefunction of synchronizing and authenticating the Terminal Adapter andNetwork, but these are all within the principles of the presentinvention.

The Transaction Processing Phase is used to convey transactionsinitiating from the terminal, and in one embodiment, there are twomethods to accomplish this: simple transactions and sessiontransactions. The simple transaction is composed of a singlerequest-response pair of messages. These are often used in credit cardor ATM based transactions where a single message pair is sufficient tocomplete the transaction. The process is illustrated in FIG. 4.

In FIG. 4, the Terminal Adapter 400 communicates with the Network 402,typically with a Client Node 25 a. The Network 402 also communicateswith the Host 404, which is the Financial Transaction Processor 36 ofFIG. 1.

The Terminal Adapter must open a TCP connection in step 406 if one hasnot already been opened. After that, a Simple Request 408 is sent to theNetwork, which then routes the message to the appropriate Host in step410. The Host processes the transaction 411 and responds in step 412.The Network 402 receives the response and forwards it in step 414 to theTerminal Adapter 400. The Terminal Adapter extracts the response 416 andsends the response to the Terminal (not shown). If there are additionaltransactions that can use the same TCP connection, then the processrepeats at step 418. If there are no further transactions, the TerminalAdapter will close the idle TCP connection at step 422 and anyadditional transactions at step 420 will result in re-opening a TCPconnection at step 406.

The other method for sending a transaction in this embodiment is usingthe Session Transaction. The Session Transaction is used for morecomplex transactions, such as settlement activities occurring at the endof day. For example, in some business implementations the POS terminalretains data for the financial transactions during the day and must sendsummary information to the Host for end-of-day settlements. A SessionTransaction is composed of multiple request-response pairs and is moreappropriate than the single request-response for transferring lengthytransactions. The Session Transaction is composed of multiplerequest-response pairs that are guaranteed to be delivered in sequentialorder to a Host on the same logical connection. When a SessionTransaction is initiated, the Client Node initiates a session with theappropriate Service Node and the Service Node responds with sessioncontext information, such as address and port information. This allowsthe Client Node to map subsequent message associated with the session.If transaction data is provided by the terminal, the Client Nodeincludes the data in the session initiation message, and the ServiceNode forwards this to the Host. The session context also enables theterminal adapter to continue a session using a different Client Node inthe event that the initial Client Node becomes unavailable. This processis illustrated in FIG. 5.

FIG. 5 illustrates the Terminal Adapter 500 communicating with theNetwork 502, which in turn, communicates with the Host 504. The TerminalAdapter must open a TCP connection in step 506 if one has not alreadybeen opened. Then, the Terminal Adapter communicates an Initiate Sessionrequest at step 508 to the Network, along with transaction data. TheNetwork routes the message to the appropriate Host at step 510.Specifically, the Client Node receives and relays the message to theService Node, which then relays the message to the Host. The Hostprocesses the transaction data at step 512 and conveys the response 514to the Network and then conveyed again 516 to the Terminal Adapter. Atthis point, the Terminal Adapter in step 518 is prepared to sendtransaction data and the Network has established internal session tablesfor mapping subsequent terminal messages to a specified session andhost. The Transaction Data is formulated at step 520 and a SessionTransaction request is sent to the Network at step 522, which thenroutes the request 524 to the Host, which processes the transaction 526.The response 528 is conveyed to the Network and back 530 to the TerminalAdapter that extracts the response data 532. If additional transactionsare desired, the process repeats at step 531. Once all the transactionrequest-response messages are conveyed, the Terminal Adapter thenformats a Terminate Session request 534 and sends it to the Network atstep 536. If transaction data is included, the Network forwards it tothe Host 538 and processes the message 540. The Host sends a response542 that is forwarded by the Network to the Terminal Adapter 544 in theTerminate Session message closing the session 546. Once completed, theTCP connection can be closed 548.

Both transaction forms have common aspects. First, transaction messagesin either form incorporate a Terminal Adapter Identification Number.This may be the value hardcoded into the Terminal Adapter or, in thecase of a PC executing software emulating a terminal adapter, the valuecan be programmed into the device. The Terminal Adapter IdentificationNumber uniquely identifies the device connected to the Network 33. Thisunique value allows the Network to maintain information for eachTerminal Adapter using the Network. If an error condition exists theNetwork will be able to correlate the condition to a particular deviceand take action as necessary. This may include, for example, notifyingappropriate service personnel to investigate a problem, such as adefective Terminal Adapter. Further, statistics regarding eachtransaction can be maintained and recorded for a given Terminal Adapter,allowing value added information to be mined from periodic reports.

Second, both types of messages utilize error detection using well-knowntechniques, such as cyclic redundancy codes (CRC). This allows easydetection of errors in a transaction detectable by the Network, Host, orTerminal Adapter and ensures only uncorrupted data is processed.

Further, both transaction forms utilize encryption based on a secret keythat is programmed into the Terminal Adapter at the time of manufacture.The encryption schemes are based on the 3DES, AES, or any other schemewell known in the art. The 3DES and AES schemes encrypt multiples of 8or 16 bytes cipher texts respectively, and when the cipher text is not amultiple of the block size, then the cipher text is zero padded to theappropriate length. The encryption key may be generated based on runningMD5 on the concatenated value of the private key (known to the TerminalAdapter), the transaction counter, and the session token.

Additionally, both transaction forms indicate a service name that isused by the Network to determine the appropriate host for processing thetransaction. The Service Name is derived from the parameter download andis used by the Network to identify a particular Service Node to thendeliver the transaction to the appropriate host.

Those skilled in the art will recognize that the message formats forconveying this information can be of various formats. In one embodiment,messages indicate a packet type with values defined for sessionrequest/responses and simple transaction request/responses. A variety ofencoding and structures can be used to convey the above information aswell as encode the information.

The above capabilities for communicating transactions between theTerminal, Network, and Host ensure that:

-   -   only trusted entities are allowed to initiate a transaction with        the Network;    -   transactions are recognized in an orderly manner by the various        entities;    -   transactions are error checked at various points to ensure no        errors occur during communication;    -   transactions are encrypted prior to delivery to the Network to        ensure unauthorized recipients cannot understand the contents;        and    -   Terminal Adapters are uniquely identified to allow correlation        of transaction related events with a specific user of the        Network.

The system in which the Terminal Adapter operates can also be viewedwith respect to the protocol stacks. As illustrated in FIG. 6, aprotocol stack 650 is implemented in the card reader 2 comprising a POSapplication 651, which is typically programmed at time of manufacturing.This application uses the services of a financial transaction protocol652 such as the VISA-II (a.k.a. VISA-2) protocol to transmit credit cardauthorizations. This in turn, relies on a telephone protocol 653 thatcomprises the physical, modem and traditional dial-up procedures tocommunicate over a phone line 654 to the Terminal Adapter 14. TheTerminal Adapter containing protocol stack 656 receives the informationover the telephone cable 654, decodes the information using acorresponding telephone protocol 655, and relays 657 the financialtransaction protocol information over the backside interface. This‘backside’ interface uses the value added services layer 658 to providea secure and robust transmission of data to the host 636. The valueadded services layer 658 uses the TCP/IP protocol layer 659 andincorporates the aforementioned authentication, synchronization, andencryption procedures for sending transactions. The transactions arecommunicated using the TCP/IP over Ethernet requiring the use of theIEEE 802.3 Ethernet protocol layer 660. The LAN is typically a 10BaseTEthernet connected via the Internet.

Not all the protocol stacks for all the physical elements areillustrated, as they are not required to illustrate the principles ofthe present invention. For example, the Ethernet/Internet bridging theLAN and providing Internet access is not illustrated as it istransparent to the value added services layer and higher layers.Further, only one Value Added Service Node in the Network 33 isillustrated by the protocol stack 662. This Node is a combination ClientNode and Service Node as it interfaces both to the Terminal Adapter andthe Host. In practice, a separate protocol stack for a Client Node and aService Node would typically exist, communicating with each other usingthe Internet or other facilities. Those skilled in the art willrecognize many other variations as well.

The Value Added Service Node receives data via the lower layer 665,processed by the TCP/IP layer 664 and then processed by the addedservices layer 663. If acceptable, the data is relayed by the financialtransaction protocol layer 666 back down a TCP/IP layer 667 and aphysical layer 668, which can be based on a variety of protocols (e.g.,T1, DSL, etc.). The relaying layer 666 in the Node may or may notconvert the financial protocol to another variant as required by theHost. The data continues via the physical facility 669 and then to theFinancial Transaction Host 636 that implements a protocol stack 674comprising a physical layer 670, TCP/IP layer 671, a financialtransaction protocol 672, and a POS application.

In this architecture, the two POS applications 651, 673 communicate in aclient-server fashion, as does the value added services protocol layer658 in the Terminal Adapter with the value added services protocol layer663 in the Value Added Service Node 25. This type of modeling ofprotocol layers is well known in the art and indicates information thatis transparently conveyed by a lower layer that provides services to thehigher layers. The value added services layer typically is incommunication with an internal management application executing in theTerminal Adapter and communicating with the NOC (not shown). This allowsthe value added services layer to respond to actions and events outsidethe direct scope of the value added services protocol itself.

For example, one service provided by the value added services layer 658is data reliability. The management process in the Terminal Adapterdetects a failure in the primary communication path from the backend ofthe Terminal Adapter. The failure detected on the backend of the primarynetwork interface can be any type of failure in the Ethernet physicallayer 660 (assuming Ethernet access for the primary communication path),the TCP/IP layer 659, the added services layer 658, or the PPP layer 666(assuming dial-up access is used for the primary communication path).For example, a physical cut in the Ethernet would result in a loss ofelectrical signals at the physical layer 660. A physical cable cut wouldalso result in a failure at the TCP/IP layer 659, since no frames couldbe transmitted. Other failures could be solely at the TCP/IP layer, suchas the failure to resolve an address request (e.g., URL), or failure toreceive a response at the TCP/IP level. A failure at the added serviceslayer 658 could occur if there was a catastrophic failure of theServices Node 25, which would leave the lower layers functional from theTerminal Adapter's perspective. For whatever reason a failure isdetected, the management process, directs the value added services layer658 to establish secondary communication, redirects any subsequentlyreceived terminal transaction requests to the secondary communicationpath, and resumes the transaction processing. During a failure on theprimary communication path, the Terminal Adapter returns an error to theterminal (which depends on the terminal interface). Typically, theterminal reattempts initiating the transactions and the Terminal Adaptertypically has established the secondary communication path by this time.

Another service provided by the Terminal Adapter's value added serviceslayer 658 in conjunction with the Value Added Services Node 25 may beservice discovery and transaction synchronization. Service discoveryallows the Terminal Adapter to obtain addresses used to then discoverthe locations of the appropriate host to which transactions aredirected. In this embodiment, an address and port location is providedto address transactions, but other addressing information could be usedin other implementations. In conventional systems, the Card Reader 2 istypically programmed with a telephone number establishing a directconnection to a host. Thus, each terminal is programmed with adestination address of the Host. In the present system, the TerminalAdapter determines the appropriate Host to relay the financialtransaction information based on information provided by the Network 33.Further services may include security features that involve a TerminalAdapter to first synchronize using a transaction counter prior tocommunication of transactions. Further, the Terminal Adapter mayidentify itself using a unique programmed identification number to theNetwork 33. Finally, the Terminal Adapter may authenticate itself usinga Message Digest. These activities ensure that Network is communicatingwith a known, trusted entity in a coordinated manner.

The Terminal Adapter may also provide some value added functionsseparate from the data transfer capabilities of the value added servicelayer. These can be viewed as management oriented functions and augmentthe functionality of the Terminal Adapter. For example, automaticconfiguration of the transaction protocol used by the card reader 2allows a variety of terminals to interface with the Terminal Adapter.The card readers 2 are typically programmed with a pre-defined creditcard authorization protocol, such as Visa-II, and rely on the recipient(typically the host, via the PSTN) to know, a priori, which protocol isused. The Terminal Adapter 14 can work with a variety of terminals andis programmed to automatically detect and determine which financialprotocol to use and the address to which the transaction is to bedirected. Thus, the auto configuration capability provides a versatileTerminal Adapter.

Finally, the value added services layer in conjunction with themanagement application handles the downloading of new software andparameters. This ensures that when new value added network services aredeployed requiring a corresponding enhancement in the software in theTerminal Adapter, this can be accomplished without having to physicallyreplace the Terminal Adapter, replace an EPROM chip, or otherwiserequire manual intervention. This function allows the Network toremotely write parameters to the Terminal Adapter and maintain statusinformation as well.

Hardware Overview

One embodiment of the principles of the current invention is illustratedin FIG. 7, which discloses the hardware configuration of the TerminalAdapter 14. The Terminal Adapter is comprised of various readilyavailable integrated circuits. Turning to FIG. 7, the Terminal Adapter700 comprises a ‘front end’ 706, which refers to the terminal interfacesand users inputs/outputs, as well as a ‘back end’ 708, which refers tothe network interfaces.

The Terminal Adapter uses a microprocessor 702 as the main controller.Although the embodiment discloses a microprocessor, other variationssuch as single chip microcomputers or programmable controllers could beused. The microprocessor uses an Input/Output bus to control the various‘front end’ interfaces. These may include a series of LED indicators 710that indicates the overall status of the Terminal Adapter, networkinterface status, and terminal interface status. Alternatively, LCD orother types of displays or visual indicators may be used to reflect thestatus, using, for example, text or icons. The status indicatorsindicate whether the primary or secondary network interface is currentlyin use, modem carriers status, and other diagnostic related indicators.

The Console RS-232 interface 712 allows a local terminal to connect tothe Terminal Adapter and facilitates programming the Terminal Adapter,indicating configuration changes, performing management functions, etc.The four POTS interfaces 714 are used to interface to the terminalsusing a standard RJ-11 telephone connector.

The microprocessor I/O bus also communicates with the network interfaces708. This typically is the same I/O bus as used for communicating withthe terminal interfaces, but it is represented as two separate bussesfor clarity. The network interfaces may comprise an Ethernet Interface724, which uses a standard 10BaseT protocol, and this is used to conveythe primary communication path. The Terminal Adapter may alsoincorporate another POTS interface 722 for conveying the secondarycommunication path as a backup network interface. In one embodiment, theEthernet interface 724 may be optional as the telephone interface 722may be used for conveying both the primary and secondary communicationpaths. Regardless of the configuration, the network interface providesconnectivity for both the primary and secondary communication paths.

The microprocessor 702 also communicates with memory in the form of RAM716, ROM 718, and non-volatile RAM 720 (e.g., ‘flash memory’). In otherembodiments, the ROM and limited RAM could be integrated in themicroprocessor as commonly embodied with single chip microcomputers.

Finally, a power supply 704 is present and this may incorporate abattery backup for saving data in the case of a temporary power outage.A watchdog timer 726 may be incorporated for resetting the TerminalAdapter in case of a lockup. A Manual Reset push button 728 providesanother form for resetting the Terminal Adapter.

Software Overview

The software components associated with the hardware components areillustrated in FIG. 8. The software architecture of the system 800involves a real-time operating system 802 interacting with a TCP/IPprotocol stack 804, value added services 832 and a transaction protocolhandler, which in this embodiment, comprises the VISA terminal interface844.

The TCP/IP stack comprises various well-known protocol handlers, such asPPPoE (point-to-point protocol over Ethernet) 806, PPP (point-to-pointprotocol) 808, and DHCP (dynamic host configuration protocol) 810. Inaddition, the IP (Internet protocol), ICMP (Internet control messageprotocol), and DNS (domain name server) protocols 812 are present, aswell as the UDP/TCP (user datagram protocol/transmission controlprotocol) 814, and the 802.3 Ethernet drivers 818.

The TCP/IP stack 804 interacts with the Network Interface Card 826 thatis the primary network interface using the Ethernet transceiver 828 thatconnects to an RJ-45 connector 830. The TCP/IP stack 804 also interactswith the secondary network interact 820 that incorporates a modem driver822 connected to an RJ-11 connector 824.

The Real Time Operating System 802 also interacts with various ValueAdded Services 832 that may be implemented via modules for conveyingpayload data 836, encrypting data 834, exchanging security keys 838,downloading software 840, and effecting service discovery 842.

Finally, the Real Time Operating System 802 also interacts with theTerminal Interface 844 comprising the software modules for a financialprotocol handler 846, character handler 848, and modem handler 850. TheTerminal Interface 844 then interacts with a POS interface 852 thatmultiplexes and formats the data to a modem standard 854 to one of thefour RJ-11 connectors 856.

FIGS. 7 and 8 illustrate the principles of the current invention asembodied in a Terminal Adapter, but other embodiments exist. Aspreviously indicated, the Terminal Adapter 14 is involved withcommunication with the Network 33, specifically the Nodes 25 or in othercases, indirectly with the NOC. Thus, the Nodes embody the inventiveprinciples as well. The Nodes can be computer servers with large amountsof memory, parallel processing, and hundreds of I/O ports and operatingusing a variety of operating systems, including UNIX, Linux, andWindows. The associated hardware and software structure may vary fromthat disclosed in FIGS. 7 and 8.

Another embodiment is a variation of the Terminal Adapter 14 based on apersonal computer. While the Terminal Adapter embodied in FIGS. 7 and 8is a special purpose computer equipped with special purpose applicationsoftware, a general-purpose personal computer could have softwareinstalled for accomplishing the same functions. Personal computersfrequently incorporate many of the hardware and software componentsillustrated in FIGS. 7 and 8 and commonly incorporate a modem and/or anEthernet Network Interface Card (NIC) for providing Internet access. Thepersonal computer would similarly implement PPPoE or DHCP for Internetaccess over the Ethernet, and PPP over a dial-up connection to an ISPusing the modem. Further, many of the software capabilities (e.g., theTCP/IP stack and modem interfaces) are already present in Internetenabled personal computers. These frequently use a Microsoft Windows™operating system, providing a well-known software platform for softwaredevelopment. Although a PC is a common embodiment for the TerminalAdapter functions, other embodiments are possible, such as installingthe software in a minicomputer, or a server associated with aclient-server implementation, where the server utilizes other operatingsystems, such as UNIX™ or LINUX™.

Another embodiment is possible where the personal computer is configuredsolely with a modem and dial-up capabilities, without Internet access.In this case, the connectivity from the personal computer uses atelephone line for both the primary and secondary communication means,but a different ISP is used and/or Client Node may be involved whendialing a secondary telephone number.

The software for such an embodiment may be loaded into the memory of thepersonal computer, including downloading the software from a web site onthe Internet or uploading the application from a removable media (e.g.,floppy disk, tape, CD, etc.).

In yet another embodiment, an API (application programming interface)library is provided allowing a third party to develop a systemincorporating the value added functions according to the principles ofthe present invention. In this instance, the capabilities of theapplication are defined by the developer and loaded for execution on thePC.

The flexibility of the above embodiments is illustrated in FIG. 9 withrespect to how various value added functions can be developed. In FIG.9A, two embodiments illustrate how PC currently can access the Internetvia an Ethernet and/or a dial-up connection. Specifically, inAlternative 1 900, the PC is executing a POS application 902 that usesthe services of the Operation System 904. The Operating System may beany of the common operating systems found on PCs. In turn, the OperatingSystem 904 uses devices drivers to interact with hardware interfaces.One device driver 906 allows interaction with a modem 910 that connectsto a telephone line 916 as is well known in the art. The other devicedriver 908 interacts with a Network Interface Card (NIC) that isconnected to an Ethernet 914.

An alternative embodiment is illustrated in Alternative 2 920 thatsimilarly incorporates a POS application 902, Operating System 904, anddevice drivers 924, 926. However, these device drivers interact withinterfaces on the PC. Specifically, one device driver 924 interacts witha serial RS-232 interface connected to a modem 930. The other devicedriver 926 interacts with a USB (Universal Serial Bus) connected to aNIC 928. In this embodiment, the hardware for interacting with theEthernet and telephone line are external to the PC and connect via wellknow serial interfaces.

These systems can be readily adapted by loading appropriate software(i.e., a “softmodem”) to incorporate some of the functionality of theTerminal Adapter. This allows the hardware of an existing PCconfiguration to be adapted to interact with the Network to receive thevalue added services. In FIG. 9B, one embodiment is illustrated wherebythe modem and NIC are integrated into the PC (corresponding toAlternative 1 900 of FIG. 9A).

In FIG. 9B, the PC 900 still incorporates the same POS application 902and Operating System 904. Minimal changes, if any, are required to usethe software enhancement 956. Once the softmodem 956 is loaded, itcreates a virtual serial port that receives and sends data to the POSapplication and Operating System. In essence, the POS application sendsdata to the software as if it were another serial interface asillustrated via logical path 950. The softmodem recognizes various modemcommands and data, and after processing, uses the Operating System tointeract with the device drivers. Specifically, the softmodem interactsvia a logical path 952 with the device driver 906 connected to theinternal modem 910 and interacts via a logical path 954 with the devicedriver 908 connected to the NIC 912. The modem 910 and NIC 912 areconnected to a telephone line 916 and Ethernet 914 respectively. In thismanner, the softmodem can use the NIC 912 for conveying a primarycommunication path using the Ethernet and the modem 910 for conveying asecondary communication path using the telephone line.

An alternative embodiment utilizing a softmodem is feasible even if thePC only has an integrated modem, without a NIC accessing an Ethernet.Similar to the Terminal Adapter having only a telephone interface as anetwork connection, the PC softmodem can still initiate a secondarycommunication path using the modem to dial a second telephone number.One advantage of this embodiment is that value added services of theNetwork can be gained by adapting existing PCs without requiringadditional hardware. Some of the above value added services are nowexamined in detail as they pertain to the Terminal Adapter embodiment.As indicated above, the principles of the present inventions are notlimited to the Terminal Adapter embodiment.

Secondary Communication Path

The switch from the primary communication path to a secondarycommunication path is illustrated in FIG. 10. Specifically, FIG. 10illustrates a flowchart depicting detecting an error associated with theprimary communication path, switching to a secondary communication path,and restoring the primary communication path upon determination that theprimary communication path is functioning.

In FIG. 10, the process starts at step 1000. The Terminal Adapter isprocessing transactions normally using the primary communication pathassociated with the Ethernet based network interface at step 1002. Thesystem monitors for failures, errors, or anomalies associated with theprimary communication path at step 1004. The errors may be of differenttypes. For example, an error could occur at the financial transactionprotocol level 1006 as a result of incorrect structure or data. Theerror could be based at the TCP/IP level 1008 as a result of a failureto receive a response to a message. The error could be based on aphysical layer error 1010 as a result of a cut cable. Obviously, a cutcable may trigger errors at other layers. For whatever reason the datacannot be reliably transmitted, the system flow controls the terminals1012 while it determines whether the secondary communication path isconfigured 1014. If not, then no further action can be taken 1018.However, under normal conditions, there will be configuration data inthe parameter file to configure the secondary communication path. Thesystem retrieves the data, including the telephone number 1016 andoriginates a secondary communication path using the PPP protocol over adial-up telephone connection 1020. Once established, the terminaltransaction processing can resume 1022. The system also indicates thecommunication path status via the front panel LEDs 1024 indicating thesecondary communication path is active.

The sending of transactions using the secondary communication path isaccomplished by altering the routing table for the IP address used tosend the transaction. In normal operation, the Terminal Adapter routesthe IP address to send a transaction over the primary communication pathusing the Ethernet network interface (in the embodiment where there aretwo network interfaces) using the PPPoE or DHCP protocol. Rerouting isaccomplished by ‘pointing’ an IP address to the secondary communicationpath using the telephone based network interface and the PPP protocol.

The system periodically monitors the condition that triggered theswitchover at step 1026. This typically involves sending a ‘probe’message over the primary communication path using the Ethernet basednetwork interface. The system has more than one IP address that itobtained via service discovery. While one address is used fortransaction processing, the other is used to probe the primaryconnection. The probe is accomplished by setting up internal TCP/IPtables (ARP and routes) so that probe messages destined for an addressnot currently used for transaction processing are routed to the primary(Ethernet) interface.

Based on the response or lack thereof from a probe message, the TerminalAdapter may determine that transaction processing should continue atstep 1022 using the secondary communication path. If however at step1026, it is determined that the primary communication path has beenrestored and is reliable, the transactions are moved to the primarycommunication path at step 1028 by ‘repointing’ the IP address to routethe data over the Ethernet based network interface. The secondarycommunication path using the telephone connection can then be terminated1030 and the probe messaging can be terminated.

In this manner, the Terminal Adapter can provide reliable, redundanttransaction processing when a failure occurs associated with the primarycommunication path.

FIG. 11 illustrates the protocol structure when the Terminal Adapter isusing the secondary communication path. The communication between thecard reader and the Terminal Adapter is not directly impacted. Thus, theprotocol stack in the card reader 1170 interacts with the peer protocolstack in the Terminal Adapter 1175 in the same manner as normaloperation (see FIG. 6). Similarly, the interaction of the peer protocolstacks in the Node 1187 and the Financial Transaction Processor Host1189 is the same. The main difference during use of the secondarycommunication path is in the communication between the back end of theTerminal Adaptor and the Value Added Client/Services Node (specifically,the left protocol stack of the Node representing the Client Node in FIG.11).

When the Terminal Adapter receives a message from a terminal, themessage is passed down through the value added services layer 1177 viathe TCP/IP layer 1178, but now uses a PPP connection over a telephonelayer 1179. Because the secondary communication path is a telephone(dial-up) connection 1180, PPP is used since it is a common method ofconveying TCP/IP over a dial-up connection. The telephone connectioninteracts with the telephone network to complete the call to an ISP. Thetelephone network and ISP are shown as a combined entity 1181, thoughthose skilled in the art will realize that there is a conversion at somepoint from a physical telephone connection 1180 to another type ofphysical connection 1182. This conversion is performed transparently tothe Node, and the only requirement is that the physical layer 1183 inthe Node corresponds to the protocol used by the Internet provider 1181.Once the message is in the Node, the information flows up from thephysical layer 1183 to the TCP/IP layer 1184, but in this case the PPPprotocol is not likely to be used, since it is not likely that a dial-upconnection is used between the Node and the Internet. The added serviceslayer 1185 ensures that transactions are seamlessly continued using thesecondary communication path using the aforementioned security,authentication, and encryption procedures. The data is relayed to thefinancial transaction protocol layer 1186 where it continues on its wayto the Host.

In this situation, the Services Node (again represented as a combinedClient/Service Node) may be a physically different node than used inconjunction with the primary communication. Further, the Client Node maydetect the existence of a new connection and notify the NOC of thesituation. In this manner, the NOC is able to detect when a givenTerminal Adapter is operating in backup mode. Additionally, different oradditional Core Nodes may be used to route the Transaction to the Host.

At this point, the Terminal Adapter indicates the change in status ofthe primary communication path operation via LEDs or other form ofvisual indications. LEDs are one embodiment for providing users with avisual indication of the status of the primary and/or secondarycommunication path. The terminal also updates a status indicationassociated with each communication path. This status indication may beused by the Terminal Adapter to direct transactions to the primary orsecondary communication path.

During the time in which the secondary communication path is utilizedthe Terminal Adapter is also sending ‘probe’ messages over the primarycommunication path to determine whether the connection is available. Thecriteria used to determine whether it is available may vary. Forexample, the Terminal Adapter may have an error counter within a movingwindow for determining that the primary communication path isunacceptable for conveying transactions. In this situation, the probemessages may result in responses that are monitored for errors.Alternatively, the error causing the switchover may be a total lack ofoperation on the primary path and any response to a probe message mayindicate that the primary communication path is available. Once theprimary path is restored, the Terminal Adapter communicates thetransaction using the primary communication path and the secondary pathis terminated. The change in status is reflected in the LEDs andinternal tables as appropriate.

In some installations, the Terminal Adapter may access the Network withthe primary communication path associated with a dial-up networkconnection. In this case, there is still a form of secondarycommunication path, but this relies on a dial-up connection using thesame telephone line, but to a different telephone number. In thiscircumstance, the secondary communication path does not providecommunication when certain faults occur (e.g., a cut telephone line).However, faults frequently occur in the ISP and are more likely than afailure of the telephone line or telephone network. In this situation,an alternative dial-up connection can be established to an alternativeaccess point of the same ISP or to an alternative ISP. In this manner,when the Terminal Adapter dials a second back up telephone number, itbypasses the original fault. This could result in an alternative ClientNode serving the Terminal Adapter. Another embodiment involves theTerminal Adapter establishing a direct dial-up connection to the ClientNode.

When dial-up is used for both primary and secondary communication paths(i.e., the primary and second communication paths use a common networkinterface), the Terminal Adapter is unable to determine when the primarycommunication path is restored. This is because the ‘probe’ messagescannot be sent out, since the phone line is dedicated for backup access.

The NOC becomes aware when the Terminal Adapter is operating using thesecondary communication path, and monitors the various conditions,including the event causing switchover on behalf of the TerminalAdapter. For example, if a link between the ISP and Client Node fails,the Terminal would switch to the secondary communication path, bypassingthe failed link. The NOC is aware of the link failure, and when the linkis restored, the NOC directs the Terminal Adapter to terminate thesecondary communication path and reinitiate communication using theprimary communication path. There are a variety of techniques foreffecting NOC to Terminal Adapter communication and one approachinvolves using the capabilities of downloading new configurationparameters and code discussed herein.

Automatic Protocol Configuration

FIG. 12A illustrates one embodiment of the Terminal Adapter determiningthe appropriate protocol to use for a given terminal and the host towhich the transaction should be sent. Terminals may use a variety ofprotocols, but typically use an industry standard or proprietaryprotocol for card authorizations. Common industry protocols includeVISA-I and VISA-II for card readers and ATM machines, as well asinternationally recognized protocols, such as ISO 8583.

At a high level, two techniques are generally relevant to determiningthe terminal protocol, the appropriate transaction type message, and theservice name (address) associated with the transaction. These techniquesare parsing and telephone number mapping. How these are used, depend inpart, on the Host capabilities. Specifically, some Hosts may onlyrecognize simple transaction types. In this case, each terminalaccessing that Host is presumed to only require simple transaction typemessages. Consequently, every message is mapped to a simple transactionmessage once the destination host is determined. Other Hosts mayrecognize and require both simple and session transactions. In thiscase, the Terminal Adapter must select the appropriate transactionrequest message when conveying a terminal transaction. Since mosttransactions are of the simple type, the Terminal Adapter in someinstances presumes simple transactions are used, unless exceptionprocessing indicates a session transaction should be used.

In one embodiment, the Terminal Adapter and Host only sends/acceptssimple transactions. The Terminal Adapter only has to recognize theprotocol type (e.g., VISA-I or VISA-II) and the destination Host. Onemethod for the Terminal Adapter to determine the protocol used by theTerminal is based on the telephone number dialed by the terminal. Forexample, in FIG. 12A, the card reader 2 is programmed to dial a definednumber. The Terminal Adapter processes the dialed number using table1290. Table 1290 contains a column 1291 for each defined telephonenumber, a column for the associated protocol type 1224 and a column forthe appropriate service name 1293. In this example, a geographical areamay be served by two host processors as identified by the names‘fubar.1’ and ‘fubar.2’. Each service name can be associated with eitherthe VISA-I or the VISA-II protocol. Thus, there are four telephonenumbers 1294, 1295, 1296, 1297 that are entered into the table; one forevery combination. For example, dialing 404-555-1235 1295 will result inthe Terminal Adapter using the VISA-2 protocol and addressing therequest to the ‘fubar.1’ host.

The Terminal Adapter must still parse the message to extract therelevant information and copy this into a simple transaction requestmessage. This message is sent to the Client Node in the Network usingrouting tables to route the message to a specific Service Node. In thismanner, the Terminal Adapter can easily automatically configure itselfto use the appropriate protocol and select a host on the dialed number.Once at the Service Node, the transaction is then routed to theappropriate Host.

Another method wherein the Terminal Adapter determines the appropriateTerminal protocol is illustrated in FIG. 12B. This method is based ondefined parsing rules and presumes the terminal and host cansend/receive either simple transactions or session transactions.Typically, the vast majority of transactions are simple transactionswith only a few instances requiring session transactions. When aterminal establishes a connection with the Terminal Adapter (e.g., dialsa telephone number and an active connection is established), theTerminal Adapter 14 sends an “ENQ” or Enquiry message 1298 to theTerminal. The Terminal will respond by sending a message 1299 thatincludes a predefined ASCII string. Based on the type of protocolimplemented in the terminal, the message string will have certaincharacteristics. For example, the message string will be one of severallengths with certain values at the beginning and/or end. For example,one rule is:

(STARTS-WITH(“T.”) OR STARTS-WITH(“E.”)) AND LEN(32) ANDENDS-WITH(“98”).

This rule examines the message from the terminal and determines thestarting ASCII character, the length, and the last two characters. Ifthe conditions match, then a table lookup indicates the protocol type,message type, and host address. In this case, the Terminal Adapter mapsa message starting with an ASCII “T.” or “E.” that is 32 bytes long andends with an ASCII “98” to a Session Initiate transaction requestmessage 1289 using the “fubar.1” service name. This requires theTerminal Adapter to implement more sophisticated parsing rules torecognize every type of message for every type of protocol that can bereceived. One approach to simplify the parsing rules is to presume everyterminal message maps to a simple transaction type unless the formatindicates otherwise in some manner. In this case, exception processingcan be used to simplify the parsing rules.

FIG. 12C illustrates the processing of the parsing rules of oneembodiment in further detail. The process starts in step 1220 withretrieving the parsing rules 1221. There are rules to recognize variousmessages, and a first rule is selected in step 1222. The start of thestring is tested for validity 1224 and if no match, the next rule isapplied 1225 and the process starts over. Otherwise, the end of thestring is tested for validity 1226 and if so, it is tested for a match1227. If no match, then the next rule is applied 1225 and the processrepeats. Otherwise, the length is tested for validity 1228 and if amatch occurs 1229, then the message is recognized 1231 and the processis completed 1233, otherwise the next rule is applied 1225 and theprocess repeats. If no matches occur or the string is found invalid, andthere are no more rules 1230, then the message is not recognized 1232and an error exists. The parsing for the string is completed at step1233.

While this approach requires a rule for every message, it does offercertain advantages over the telephone mapping approach. Specifically, itdoes not require administration of different telephone numbers in thecard readers in order to direct transactions to different locations.However, using either technique, the Terminal Adapter can automaticallyrecognize a plurality of protocols used by different terminals, anddetermine the appropriate message type and service host.

Service Discovery, Parameter and Software Download

The concepts of service discovery, parameter download, and softwaredownload are closely related. Service discovery is the process by whichthe terminal adapter discovers the IP addresses for Nodes that canprovide further information, such as the parameter file. Parameter filedownloading involves receiving a file containing configurationparameters. A configuration version number describes this file. Thesoftware download allows new software to be downloaded into the TerminalAdapter and uses address and other parameters obtained in the parameterfile. All three procedures rely on the Terminal Adapter interacting witha Network, but with different degrees of autonomy.

Downloading parameters or software into the Terminal Adapter facilitatesremote correction of software bugs as well as software deployment tointeract with new services with the Network. Terminal Adapters can beupdated without requiring manual replacement of Terminal Adapters, ormanual replacement of a portion of memory chips, such as one or moreread-only-memory (ROM) chips in the Terminal Adapters, or manual loadingof new software. Updating can be done remotely, at convenient times,with minimal cost and interruption in service. The updating of softwareis controlled in part by the NOC. The NOC is the portion of the Networkthat maintains tables associating each Terminal Adapter with itsparameters.

The Terminal Adapter boot software of one embodiment comprises twoseparate programs referred to as DLM (Download Program Manager) and DLP(Downloaded Program). The Terminal Adapter may be factory programmedwith the DLM only, and the DLP may be downloaded from the Network afterthe Terminal Adapter is installed in the client's premises. The DLP istypically stored in non-volatile memory, but in case of a failure of thenon-volatile memory, the hardcoded DLM allows recovery. In addition tothe DLM, every Terminal Adapter is generally factory programmed withvarious parameters to allow it to initially connect to the Network. Aspreviously discussed, these parameters typically include: the TerminalAdapter Identification Number, the secret or private encryption key, andthe Configuration Service Name. These parameters (except for theConfiguration Service Name) can be superceded by obtaining dynamicallyobtained values, though doing so does not erase the programmed values.For example, the Terminal Adapter knows that absent a dynamicallyobtained Service Name stored in non-volatile memory, the default,programmed value is to be used.

The purpose of the DLM is to download and run the latest version offirmware (DLP) that is stored in non-volatile memory. The basicoperation of the DLM of one embodiment is illustrated in FIG. 13A anddescribed in the following steps starting from a system reset or initialpowering up.

In FIG. 13A, the process begins with powering up the Terminal Adapter1350, which is the same as resetting the unit. Upon the very first timeof being powered up, there are no dynamic parameters stored in flash(non-volatile) memory. Thus, only the default programmed values exists.Using the Service Discovery procedure 1352 and the default ConfigurationService Name, the Terminal Adapter obtains at least one TCP/IP addressfor a Client Node to interact with. In step 1353, a TCP connection isestablished using the Ethernet to access the Network, or using PPP overa dial-up telephone line. The Terminal Adapter is programmed with adefault parameter file version (specifically, version zero, indicating adefault parameter file is present and signifying that all the parametersare default values). In step 1354, the Terminal Adapter fetches theparameter data from the Configuration Server. This is done by theTerminal Adapter (specifically, the DLM) indicating its parameter fileversion number to the Network, and the Network responding with a morerecent version followed by the parameter file. The Network will onlysend the parameter data if the Terminal Adapter parameter file versionis not the same as the version value stored in the server database. Inthis example, the Network knows that the version sent by the TerminalAdapter (version zero) indicates a default parameter is present in theTerminal Adapter, indicating that no prior parameter downloads haveoccurred.

If the Terminal Adapter already has the current version, the Networkwill return the same parameter file version number. This informs theTerminal Adapter that it has the latest parameter file and reducesunnecessary transmission of network data. If the Terminal Adapterpreviously had downloaded parameters, but these were corrupted, theparameters can be requested from the server by sending a version numberzero in the packet. Any received data is saved to non-volatile flashmemory in step 1356.

Next, at step 1358, the Terminal Adapter of this embodiment (using theDLM) checks the current DLP version indicated in the parameter file andcompares it against the version that it is currently executing. Itfurther checks to ensure the data is not corrupted (i.e., free fromerrors as detected by a cyclic redundancy check or similar mechanism).If present and uncorrupted, the DLM skips to executing the DLPapplication in step 1368, which then completes the process at step 1370.If instead, the DLP version is not current, then step 1360 is performedto obtain the must current version. The Terminal Adapter retrieves anaddress from the parameter file and connects to the IP address for thepurpose of performing a file transfer using FTP at step 1360. TheTerminal Adapter then downloads the more recent DLP program at step1362. If the download is not correct, at step 1364, then it resetsitself at step 1366 and repeats the process. If the download is correctat step 1364, then the new DLP program is executed at step 1368 and theprocess is completed at step 1370.

The DLP program is the main application program running on the TerminalAdapter and performs the financial transaction processing andinterworking. It uses the same parameters (see FIG. 13B) as used by theDLM. The DLP can, however, have a different Service Name based on adynamically obtained value, as the DLM process uses the value hard codedin the firmware. Advantageously, the DLP periodically checks if there isa more current parameter file, and if any parameters have changed or anew DLP is needed, the DLP performs a reset and the process repeats asdescribed above. Thus, the DLM only performs one parameter file fetch,obtains the DLP, and then executes the DLP. The DLP then periodicallyperforms the parameter file fetch. Only if the DLP resets the TerminalAdapter does the DLM execute itself. However, in this case, the DLM willobserver that various dynamically assigned parameters are present inflash memory and it will utilize those values over the embedded values,skipping some of the above identified steps.

Thus, obtaining new parameters and new application code are closelyrelated, but the capability exists to download new parameters withouthaving to download new application code. Once the DLP is executing, itwill periodically check with the Network to determine whether it has themost current parameter file version. The Network responds by downloadinga new parameter file when a newer parameter version is appropriate. Oneparameter in the file is an indication of a new DLP, which triggers theDLP to initiate a file transfer. In this manner, the Network can controlthe loading of new parameters and software.

The contents of the parameter file of one embodiment are illustrated inFIG. 13B. The first parameter in the file is Configuration Version 1300.This value indicates the current parameter file version the TerminalAdapter should have stored in memory. This could incorporate a timestampto signify the last version obtained. The Terminal Adapter periodicallyqueries the Network as to what is the current version that the TerminalAdapter should be executing. If the Network requires downloading a newparameter file, it returns the current version present in the TerminalAdapter. Otherwise, the NOC returns a more recent parameter file versionvalue as well as the full parameter file. In addition, the NOC canappend management commands to control the Terminal Adapter indicating itto reset or switch communication paths.

The frequency with which the Terminal Adapter checks the ConfigurationVersion 1300 is determined by the Configuration Fetch Interval 1301,typically expressed in seconds. This parameter is set to have theTerminal Adapter check its parameter file version every hour or so,although greater or lesser time intervals may be used. Because thedownloading of new code suspends the normal operation of the TerminalAdapter, the Terminal Adapter may forego a periodic download,particularly if there are financial transactions underway. The “MaximumSkip Configuration Register” 1302 indicates the maximum number of timesthe Terminal Adapter may skip requesting the current parameter version.This value should not be exceeded by the Terminal Adapter regardless ofthe number of pending transactions.

The periodic checking for a new parameter file version also functions asa ‘heartbeat’ indication from the Terminal Adapter to the Network. TheNode receiving the parameter file request forwards the indication to theNOC, allowing the NOC to update its status tables for that TerminalAdapter. Thus, the receipt of a parameter file request by a TerminalAdapter indicates to the NOC that the Terminal Adapter is functioning.If the terminal has not requested its current parameter file version andthe maximum skip interval is exceeded and has not initiated anytransactions, then the NOC knows the Terminal Adapter is notfunctioning. In such a situation, the NOC can initiate another process,such as issuing a notification to a predefined destination in apredefined manner for that Terminal Adapter. For example, thenotification may be an e-mail to a network administrator associated withthe business entity operating the Terminal Adapter identifying themalfunctioning Terminal Adapter. Alternatively, the NOC could initiate apage, a pre-recorded telephone call, or send an alarm message to asystem, file, terminal or printer in the NOC. In this manner, the NOCcan proactively react to a non-functioning Terminal Adapter. Similarly,the Network may also monitor transaction usage, errors, or otherconditions and report these to the NOC, which initiates a similarnotification.

If software download is required based on an updated binary image name(DLP version number), the Terminal Adapter will initiate the requestusing File Transfer Protocol (FTP), a well known means for transferringfiles over the Internet. The address for making the request is obtainedfrom the parameter file as well as required identification and securityinformation. The FTP information 1330 comprises a URL, Port number, UserName, and Password.

The User Name identifies the Terminal Adapter, and an alternativeembodiment could use the Terminal Adapter Identification Number. ThePassword data authenticates the user as being authorized to receive thebinary DLP file.

Since FTP information is transferred without being encrypted using aTCP/IP connection to the Terminal Adapter, other embodiments aredisclosed providing greater security. One approach is to communicate a‘challenge’ based on a random value to the Terminal Adapter. TheTerminal Adapter concatenates the challenge value with its secret keyand computes a Message Digest 5 value to determine a password. TheTerminal Adapter sends this value to the Network that has compared asimilar value based on the Network's knowledge of the Terminal Adapter'ssecret key. If the two values match, the Terminal Adapter isauthenticated.

Another variation to ensure secure file transfer is to use the securedata transfer service of the Network. Specifically, a SessionTransaction is used to communicate the file in an encrypted manner. TheTerminal Adapter and Network use the same encryption methods as forpassing transactions originating from a terminal to a host. Variousauthentication and encryption schemes can be used to effect the filetransfer to an authenticated Terminal Adapter, such as using secure FTPprocedures.

The parameter file of FIG. 13B also includes other parameters, includingcommunication parameter information 1303, binary file characteristics1304, service discovery information 1305, primary communicationinformation 1307, and backup communication information 1309. Thecommunication parameters 1303 indicate the type of ‘backend’ interfacecurrently used by the Terminal Adapter (e.g., Ethernet, secondary ISP,etc.). This value is included by the Terminal Adapter with everyparameter file fetch request and indicates to the Network the currentnetwork interface used by the Terminal Adapter. In this manner, theNetwork is able to monitor the communication path status of eachTerminal Adapter.

Other information includes the binary image file (DLP program)characteristics 1304 including the name, size and error checkinginformation that the Terminal Adapter should be currently using. TheService Discovery information 1305 indicates to the Terminal Adapterwhere terminal transactions should be directed to, typically in the formof a URL. In turn, the Client Node in the Network maps the host name toa URL, which in turn is resolved using the DNS service into an IPaddress. In this manner, the actual IP addresses are ‘hidden’ from theTerminal Adapter, allowing Network changes in address to transparentlyoccur. This could be similarly accomplished by providing the TerminalAdapter a URL, but if the terminal indicated a single URL, then alltraffic would be routed to that single point of interconnection. Sincethe Client Node maps the service to a URL, the Client Node may selectone of several URLs based on geographic location, load capacity (e.g.,transaction processing capacity), or other network management aspects.In this manner, diverse Host processors connected to separate ServiceNodes may be used to provide seamless transaction services to theTerminal Adapter. Further, this approach never ‘exposes’ the hostnetwork addresses and thus provides added security and flexibility.

The parameter file also contains primary communication path information1307 including the telephone number of the primary ISP and anyassociated modem commands (this is only required if primary access isvia dial-up), identification and password information. Additionalcontrol information regarding the PPP settings is included. Similarly,secondary or backup communication path information 1309 is provided.

Illustration of Operation

The overall operation of the system is illustrated in FIG. 14, which isone embodiment and illustrates a subset of the elements that may beinvolved during normal operation.

A card reader 2 is plugged into a Terminal Adapter 14 wherein theTerminal Adapter has access to the Internet 26 via a primarycommunication interface 16. The Terminal Adapter also has a secondarycommunication interface 22 using a POTS telephone line 19 a connected tothe Telephone Network 24. The Terminal Adapter is powered on anddetermines that it does not have a current application program loaded.It examines its default Service Discovery Address information, which isprogrammed into the Terminal Adapter at time of manufacture, and it usesthis information to fetch an updated Service Discovery Address. TheTerminal Adapter then uses this information to synchronize andauthenticate itself to the Network. After this has occurred, it uses asimple transaction to obtain a dynamically determined service name thatit queries to obtain a current parameter file setting. One parameter inthe file indicates the current software code that should be present andthe Terminal Adapter determines whether it should initiate a filetransfer to obtain the current software. It then downloads theinformation using the FTP address information in the parameter file.

Once this is accomplished, the Terminal Adapter is prepared to handleterminal transactions. It synchronizes its transaction counter (ifrequired) with the Client Node 25 a and is authenticated by the ClientNode using the aforementioned techniques. The authentication proceduresalso provide a session token to the Terminal Adapter allowing properencrypting and decrypting of transactional information. Once completed,the Terminal Adapter is ready to process transactions from the CardReader 2.

In this illustration, upon detecting a card swipe, the Card Reader 2initiates a phone call and the Terminal Adapter emulates the necessarytelephone signals so that a connection is established between the cardreader and Terminal Adapter. From the card reader's perspective, itappears to have established a telephone call. The Terminal Adapterqueries the Card Reader using an ENQ (e.g., ASCII ENQ character) messageto solicit a response message. Upon receipt of the response message, theTerminal Adapter parses the message and selects the appropriate protocolfor interacting with the Card Reader. The Terminal Adapter also selectsan appropriate service name that identifies a destination Host processorand transaction type, which is a simple transaction type in thisillustration.

Continuing the illustration, the Terminal Adapter maps the transactionto a simple transaction protocol on an established TCP/IP connection andsends the message to the Client Node 25 a. The Client Node processes thetransaction to ensure that the transaction is allowed, synchronized,authorized, error free, and determines the appropriate Node to which toforward the request to. This decision is based on the host name selectedby the Terminal Adapter in the simple transaction protocol. The ClientNode selects a route to forward the transaction based on, in part, theservice name, link capacity, configuration, and processor loading.Assuming it is forwarded directly to a Service Node 25 b, the ServiceNode 25 b then forwards the transaction to the Financial TransactionProcessor 36 according to the protocol used to interconnect the Host 36and the Service Node 25 b. The Host and Service Node are directlyconnected via a private line 34. The message typically is decryptedprior to communication to the Host. The Host receives the cardauthorization request, responds, and the response is returned to theService Node that typically encrypts the information and routes theresponse back to the Client Node 25 a, then to the Terminal Adapter 14,and then the card reader 2. This illustrates some aspects of a normalcard authorization procedure.

Assuming now a failure associated with the Internet access on theprimary communication path using the primary network interface 16 (e.g.,the connection has broken), the Terminal Adapter recognizes the failureby various means (e.g., lack of response at TCP/IP layer or loss ofelectrical signals at the physical layer). The Terminal Adapterretrieves the secondary communication path parameters from its parameterfile in non-volatile memory, and initiates a dial-up connection to theISP using the telephone number as well as appropriate identification andpassword information. Referencing FIG. 14, the dial-up connectiontravels from the telephone line 19 a through the telephone network 24and then via an alternative connection 19 b to the Client Node 25 a. TheClient Node reached may be the same or different from the one previouslyassociated with the primary communication path. The Terminal Adaptermust resynchronize the transaction counter, identify and authenticateitself before proceeding with transaction processing. The TerminalAdapter also updates its internal communication path status table andLED status indicators accordingly. Since the Client Node is aware of theestablishment of the secondary communication path, it notifies the NOC29 of the failure. The NOC then updates its status tables and thennotifies the appropriate systems and/or personnel that the primaryconnection has malfunctioned.

Periodically, the Terminal Adapter sends a ‘probe’ message over theEthernet interface using the primary communication path to determine ifit is functional. In this illustration, the Terminal Adapter uses anEthernet access to the Internet in conjunction with the primarycommunication path and dial-up access to the Internet in conjunctionwith the secondary communication path. Because separate physical accessmethods are used, the Terminal Adapter can send a ‘probe’ message todetermine whether Internet access using the Ethernet access approach isrestored while using the dial-up access for completing transactions.

This scheme must be modified if a single telephone line is used toestablish a first connection using a first telephone number for theprimary communication path and a second connection using a secondtelephone number for the secondary communication path. That is becausethe primary communication path cannot convey a probe message while thetelephone line is used to support the secondary communication line. Ofcourse, more sophisticated telephony services such as ISDN allow twoconnections to exist on one telephone line, as do other telephony basedservices. Typically, only one communication path can be operationalusing a single telephone line and the NOC will indicate in response to aparameter file version request that the problem causing the primarycommunication path to be inoperable has been corrected and that theTerminal Adapter should switch back to using the primary communicationpath.

If a response is received on the primary communication path access usingthe Ethernet, this indicates the communication path is restored. TheTerminal Adapter switches back to conveying transactions on the primaryconnection. Of course, prior to conveying transaction requests, theTerminal Adapter must first synchronize and authenticate itself on theprimary communication path. Correspondingly, the NOC is aware of whenthe switchback occurs. The Terminal Adapter also updates itscommunication status visually using LEDs, in order to facilitate localdiagnosing of communication status. The Terminal Adapter updates itsoperational status tables regarding the primary and secondarycommunication paths.

Periodically, the Terminal Adapter 14 requests from the Client Node 25 awhat parameter file version it should be executing. This is accomplishedusing a simple transaction request message that includes the TerminalAdapter's identification number and communication path status. TheClient Node forwards this message to the NOC. As a result, the NOC isnow aware of the operational status of the Terminal Adapter. The NOCresponds to the Client Node with a parameter file version number, andthe Client Node forwards the parameter file version number to theTerminal Adapter. Assuming that the version number in the responsematches the version number in the Terminal Adapter, the Terminal Adaptercontinues operating normally. If the NOC responded with a newer versionnumber, it would indicate that at least one parameter in the file hadchanges and would send the parameter file as well. The Terminal Adapterwould examine the parameter file, and if the DLP binary image name wasdifferent, the Terminal Adapter would fetch the current software, loadit, and then execute it.

In this manner, the Terminal Adapter is able to automaticallyinterconnect a variety of Terminal Types, which may implement variousprotocols based on the destination host. The Terminal Adapter inconjunction with the Network ensures a reliable and secure communicationcapability is provided between the Terminal and Host. Should the primarycommunication path fail, the Terminal Adapter uses a secondarycommunication path, and automatically restores the primary communicationpath when available. The NOC is aware of the operational status of eachTerminal Adapter, and provides alarm notifications as appropriate.Further, by the Client Node mapping the service name associated withtransaction requests to a particular Service Node, the Network is ableto route traffic to a selected Host based on various conditions. In thismanner, the Terminal Adapter operating in conjunction with the Nodes 25is able to provide a versatile and flexible transaction oriented networkservice.

Many modifications and other embodiments of the inventions set forthherein will come to mind to one skilled in the art to which theseinventions pertain having the benefit of the teachings presented in theforegoing descriptions and the associated drawings. Therefore, it is tobe understood that the inventions are not to be limited to the specificembodiments disclosed and that modifications and other embodiments areintended to be included within the scope of the appended claims.Although specific terms are employed herein, they are used in a genericand descriptive sense only and not for purposes of limitation.

1. A method for maintaining a status indication in a network operationscenter for a terminal adapter connected to a network node, comprisingthe steps of: receiving a first status update message from the terminaladapter by the network node indicating a first parameter file versionnumber stored in the memory of the terminal adapter, the first statusupdate message further including a terminal adapter identificationnumber and a first primary communication path status; relaying the firststatus update message from the network node to the network operationscenter; receiving the first status update message at the networkoperations center and examining the terminal identification number andthe parameter file version number; and recording a status indication andrecording time in a status indication table at the network operationscenter, wherein the status indication table associates the statusindication and recording time with the terminal adapter identificationnumber.
 2. The method of claim 1 further comprising recoding the firstprimary communication path status indicator in the status indicationtable.
 3. The method of claim 2 wherein the network operations centerafter receiving the first update message compares the first primarycommunications status with a second primary communications status storedin memory and issues a notification message if the first primarycommunications status is different from the second primarycommunications status.
 4. The method of claim 1 further comprising thestep of the network operations center downloading to the terminaladapter a second parameter file version number and a parameter file inresponse to receiving a first status update message.
 5. The method ofclaim 1 further comprising the step of downloading by the networkoperations center to the terminal adapter a plurality of addresses inresponse to receiving a first status updates message.
 6. The method ofclaim 1 further comprising the steps of computing a first authenticationdata in the network operations center; and downloading from the networkoperations center to the terminal adapter encryption data used by theterminal adapter to authenticate the terminal adapter to the network. 7.The method of claim 6 further comprising the steps of receiving at thenetwork operations center a second authentication data sent by theterminal adapter processed in part using the encryption data; andcomparing the first and second authentication data.
 8. The method ofclaim 7 further comprising the step of sending a response from thenetwork to the terminal adapter indicating the terminal adapter isauthenticated if the first and second authentication data are equal. 9.The method of claim 1 further comprising the steps of: starting a statusupdate timer in the network operations center associated with theterminal identification number; resetting the status update timer if asecond status update message is received associated with the terminalidentification number or a transaction is detected originating from theterminal adapter; determining whether the status update timer exceeds adefined limit; and issuing a notification based using in part uponinformation indicated in the status indication table if the statusupdate time exceeds the defined limit.
 10. The method of claim 9 whereinthe notification is an email sent to an address associated with thestatus indication table.
 11. The method of claim 9 wherein thenotification is a telephone call to a telephone number associated withthe status indication table.
 12. A system for maintaining a status in anetwork operations center of a terminal adapter connected to atransaction network comprising: a network operatively connected to theterminal adapter adapted to receive a first status indication messagefrom the terminal adapter, the first status indication message includinga terminal identification number, a first parameter file version number,and a first communication path status indicator, and a networkoperations center operatively connected to the network adapted toreceive the first status indication message from the network, thenetwork operations center comprising a processor and memory, theprocessor determining a time associated with the receipt of the firststatus indication message in a status table and starting a timer, andthe memory storing the status table associated with the terminalidentification number.
 13. The system of claim 12 wherein the statustable stored in memory further comprises a second communication pathindicator associated with the terminal adapter and the processorcompares the first communication indicator with the second communicationpath indicator and issues a notification message if the firstcommunication indicator is different than the second communication pathindicator.
 14. The system of claim 12 wherein the processor furtherexamines the first parameter file version number in the first statusindication message and responds by sending a second parameter fileversion number in a response message to the terminal adapter.
 15. Thesystem of claim 12 wherein the processor further examines the firstparameter file version number in the first status indication message andresponds by sending a plurality of addresses in a response message tothe terminal adapter.
 16. The system of claim 12 wherein the processorfurther examines the terminal identification number in the first statusindication message and responds by sending authentication data in aresponse message.
 17. The system of claim 12 wherein the processor uponreceipt of a second status indication message resets the status updatetimer.
 18. The system of claim 12 wherein the processor issues an emailmessage to an address determined in part by the terminal identificationnumber when the status update timer exceeds a defined amount.
 19. Thesystem of claim 12 wherein the processor upon the status update timerexceeding a defined amount displays a message on a computer monitorcomprising contact information including a telephone number.
 20. Thesystem of claim 12 wherein the terminal adapter comprises softwareloaded in a computer adapted for point-of-sale applications.